Warning: Permanently added '[localhost]:26961' (ECDSA) to the list of known hosts.
2025/08/29 09:21:27 fuzzer started
2025/08/29 09:21:27 dialing manager at localhost:43077
syzkaller login: [ 59.550234] cgroup: Unknown subsys name 'net'
[ 59.646712] cgroup: Unknown subsys name 'cpuset'
[ 59.674675] cgroup: Unknown subsys name 'rlimit'
2025/08/29 09:21:38 syscalls: 2214
2025/08/29 09:21:38 code coverage: enabled
2025/08/29 09:21:38 comparison tracing: enabled
2025/08/29 09:21:38 extra coverage: enabled
2025/08/29 09:21:38 setuid sandbox: enabled
2025/08/29 09:21:38 namespace sandbox: enabled
2025/08/29 09:21:38 Android sandbox: enabled
2025/08/29 09:21:38 fault injection: enabled
2025/08/29 09:21:38 leak checking: enabled
2025/08/29 09:21:38 net packet injection: enabled
2025/08/29 09:21:38 net device setup: enabled
2025/08/29 09:21:38 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2025/08/29 09:21:38 devlink PCI setup: PCI device 0000:00:10.0 is not available
2025/08/29 09:21:38 USB emulation: enabled
2025/08/29 09:21:38 hci packet injection: enabled
2025/08/29 09:21:38 wifi device emulation: enabled
2025/08/29 09:21:38 802.15.4 emulation: enabled
2025/08/29 09:21:38 fetching corpus: 0, signal 0/2000 (executing program)
2025/08/29 09:21:39 fetching corpus: 50, signal 19776/23235 (executing program)
2025/08/29 09:21:39 fetching corpus: 100, signal 30834/35527 (executing program)
2025/08/29 09:21:39 fetching corpus: 150, signal 41796/47472 (executing program)
2025/08/29 09:21:39 fetching corpus: 200, signal 47984/54683 (executing program)
2025/08/29 09:21:39 fetching corpus: 250, signal 52682/60390 (executing program)
2025/08/29 09:21:39 fetching corpus: 300, signal 57267/65812 (executing program)
2025/08/29 09:21:39 fetching corpus: 350, signal 61393/70745 (executing program)
2025/08/29 09:21:39 fetching corpus: 400, signal 65978/75976 (executing program)
2025/08/29 09:21:39 fetching corpus: 450, signal 69710/80303 (executing program)
2025/08/29 09:21:40 fetching corpus: 500, signal 72128/83419 (executing program)
2025/08/29 09:21:40 fetching corpus: 550, signal 74161/86148 (executing program)
2025/08/29 09:21:40 fetching corpus: 600, signal 76461/89075 (executing program)
2025/08/29 09:21:40 fetching corpus: 650, signal 79773/92732 (executing program)
2025/08/29 09:21:40 fetching corpus: 700, signal 82033/95458 (executing program)
2025/08/29 09:21:40 fetching corpus: 750, signal 84487/98333 (executing program)
2025/08/29 09:21:40 fetching corpus: 800, signal 86162/100444 (executing program)
2025/08/29 09:21:40 fetching corpus: 850, signal 87700/102456 (executing program)
2025/08/29 09:21:40 fetching corpus: 900, signal 90188/105054 (executing program)
2025/08/29 09:21:40 fetching corpus: 950, signal 91763/106997 (executing program)
2025/08/29 09:21:41 fetching corpus: 1000, signal 93524/109072 (executing program)
2025/08/29 09:21:41 fetching corpus: 1050, signal 95111/110880 (executing program)
2025/08/29 09:21:41 fetching corpus: 1100, signal 96918/112813 (executing program)
2025/08/29 09:21:41 fetching corpus: 1150, signal 98859/114769 (executing program)
2025/08/29 09:21:41 fetching corpus: 1200, signal 99832/116124 (executing program)
2025/08/29 09:21:41 fetching corpus: 1250, signal 103049/118872 (executing program)
2025/08/29 09:21:41 fetching corpus: 1300, signal 104318/120325 (executing program)
2025/08/29 09:21:41 fetching corpus: 1350, signal 106021/121994 (executing program)
2025/08/29 09:21:42 fetching corpus: 1400, signal 107727/123699 (executing program)
2025/08/29 09:21:42 fetching corpus: 1450, signal 109545/125319 (executing program)
2025/08/29 09:21:42 fetching corpus: 1500, signal 110433/126385 (executing program)
2025/08/29 09:21:42 fetching corpus: 1550, signal 111779/127656 (executing program)
2025/08/29 09:21:42 fetching corpus: 1600, signal 112818/128731 (executing program)
2025/08/29 09:21:42 fetching corpus: 1650, signal 113929/129819 (executing program)
2025/08/29 09:21:43 fetching corpus: 1700, signal 115151/130923 (executing program)
2025/08/29 09:21:43 fetching corpus: 1750, signal 116064/131842 (executing program)
2025/08/29 09:21:43 fetching corpus: 1800, signal 116710/132601 (executing program)
2025/08/29 09:21:43 fetching corpus: 1850, signal 118112/133708 (executing program)
2025/08/29 09:21:43 fetching corpus: 1900, signal 119703/134854 (executing program)
2025/08/29 09:21:43 fetching corpus: 1950, signal 121178/135867 (executing program)
2025/08/29 09:21:43 fetching corpus: 2000, signal 122542/136930 (executing program)
2025/08/29 09:21:43 fetching corpus: 2050, signal 124039/137971 (executing program)
2025/08/29 09:21:44 fetching corpus: 2100, signal 124860/138658 (executing program)
2025/08/29 09:21:44 fetching corpus: 2150, signal 125955/139452 (executing program)
2025/08/29 09:21:44 fetching corpus: 2200, signal 126871/140178 (executing program)
2025/08/29 09:21:44 fetching corpus: 2250, signal 127793/140862 (executing program)
2025/08/29 09:21:44 fetching corpus: 2300, signal 128725/141506 (executing program)
2025/08/29 09:21:44 fetching corpus: 2350, signal 129465/142017 (executing program)
2025/08/29 09:21:44 fetching corpus: 2400, signal 130497/142614 (executing program)
2025/08/29 09:21:44 fetching corpus: 2450, signal 131329/143113 (executing program)
2025/08/29 09:21:44 fetching corpus: 2500, signal 132036/143587 (executing program)
2025/08/29 09:21:45 fetching corpus: 2550, signal 133046/144178 (executing program)
2025/08/29 09:21:45 fetching corpus: 2600, signal 133667/144619 (executing program)
2025/08/29 09:21:45 fetching corpus: 2650, signal 134261/145006 (executing program)
2025/08/29 09:21:45 fetching corpus: 2700, signal 134841/145390 (executing program)
2025/08/29 09:21:45 fetching corpus: 2750, signal 136069/145932 (executing program)
2025/08/29 09:21:45 fetching corpus: 2800, signal 136578/146215 (executing program)
2025/08/29 09:21:45 fetching corpus: 2850, signal 137231/146549 (executing program)
2025/08/29 09:21:45 fetching corpus: 2900, signal 137966/146872 (executing program)
2025/08/29 09:21:45 fetching corpus: 2950, signal 138643/147170 (executing program)
2025/08/29 09:21:46 fetching corpus: 3000, signal 139329/147435 (executing program)
2025/08/29 09:21:46 fetching corpus: 3050, signal 139961/147728 (executing program)
2025/08/29 09:21:46 fetching corpus: 3100, signal 140653/147958 (executing program)
2025/08/29 09:21:46 fetching corpus: 3150, signal 141141/148123 (executing program)
2025/08/29 09:21:46 fetching corpus: 3200, signal 141836/148355 (executing program)
2025/08/29 09:21:46 fetching corpus: 3250, signal 142292/148510 (executing program)
2025/08/29 09:21:46 fetching corpus: 3300, signal 143325/148651 (executing program)
2025/08/29 09:21:46 fetching corpus: 3350, signal 144162/148820 (executing program)
2025/08/29 09:21:46 fetching corpus: 3400, signal 144854/148929 (executing program)
2025/08/29 09:21:47 fetching corpus: 3450, signal 145570/149145 (executing program)
2025/08/29 09:21:47 fetching corpus: 3500, signal 146339/149250 (executing program)
2025/08/29 09:21:47 fetching corpus: 3550, signal 146949/149314 (executing program)
2025/08/29 09:21:47 fetching corpus: 3563, signal 147023/149316 (executing program)
2025/08/29 09:21:47 fetching corpus: 3563, signal 147023/149316 (executing program)
2025/08/29 09:21:49 starting 8 fuzzer processes
09:21:49 executing program 0:
syz_emit_ethernet(0x6e, &(0x7f00000002c0)={@link_local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "2f2802", 0x38, 0x0, 0x0, @local, @local, {[@srh={0x0, 0x6, 0x5, 0x3, 0x0, 0x0, 0x0, [@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1]}]}}}}}, 0x0)
09:21:49 executing program 1:
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_pscan_rep_mode={{0x20, 0x7}}}, 0xa)
09:21:49 executing program 7:
syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000002240)=[{&(0x7f0000000240)="48a3d0c7109a0afb29ffc6fd51332e42d42d0cac6315f06260293de4184af8d812b6dce006393a25763353c046f9afdabff918fbbafc4b243776b9b2fa15e516479f4d96b240cc4267e3e98e0b1852f16b6d91bb8c569b8d25e31de69a0a8a831670b822a28031a18421f406df4e7cf24065ea1c09bbba70f69ed047edee48e5aa701f59fde9b8e79c3f0d91c749922790e7cc48f6c5e4dcbbbf1bb593984e5b5227f7090a367855b84c75fb0e341fd8662c841b097e053d5a2219a1cfef4388cfde4c574b29b46ac35388c20f81fc45967ee10e9e6e16900b8682c27348119a5498e19bbe91a06fe578a0f85a912431377cc38aa4155a8ac8c3939c7049dc13f36f65c0cfc6980e00628db2a30c0bc640aa4bccca542e2cf4f75b078f404095934def8426106d4ae704a07cc8f3c63c10093fee2219c365623ed7422a4031a54d9430e8eaf6175c9156454ea17f60ab8cc50f2cccb3cf855231506023e8e54448e344d61ec141bc08bb841230a67a37d0bfd4955ce2c4c8a72af9436bef4f36cee372313ed1104cb4849ea2e6f92a57bb7b013c5195d4e4f240ebe5119f38254378f9434d515f85a6ab9187c3fc1f977f422aa797d74e3391549fa5c4d51adde82213205175b8d2aa87a7f0995e1b76451888adc899065da2ab305ec011048d982ba9b9401af5a36f29c4f9e118d4984b2bcf3532e2d2d9c6b41534d037aa4917288defbf9ce49b5d98b2005f40177228b677a38ae8f051b7ed0cbf1690ce7ce5a87ba05a8a76d40059be33ed561b9bf6f4aaa78147b1531422f25aab81539b488bff29c14f8691e92cf7d7fad2e20a392aafd5e50e4f724b1fbc6e48a458a84e5c8c20c7d7aef984182ea194512bb971548fa8ec0f23a1e645a09d5c297e8deeac9fdbcf96073afcfbea3f3c1bc90f30e7df2d2d89f548c36e3799b8cb1072f60811b37d1dd83bc8dbcef6fe6390a392d5338699e8de8468c3922b914e8036073864cd28c878d255855b7ff341c85a43d23f1cdc0be5af717bcf94dfe244c5e6657286978081a29daf3cf7a8533895746573a07e25f7b1628ade5892307426bf4335da6caa388b263bb02369f01011769c43966dc4d93fbd763982efa2c9e751750ec2cc3f52b3a43faf1b4012d665fbc7b61a0f701b815a831c317cfff17033d78f683922b696ccb51b4decd0b38a170c15a43e1bd94f557cc96820d6e5d5799eea7f9c7d1c4fd4d8d15f7b536a98539a295675f503a3f0e020bde1d4e6bf0761d8b5b859590ba687c2699023668f972d9bc2f492fc6a79d33d147f6ec017a360cfc92445e5879e08bcd91918779d370635de664ca22a6d183bf1dfe3a8d887d7ab5248dba5e740edd5c2d10c8650f6dbcec0afec9120fc4ec9c66e4378963eb5037deeec589a340f1eb58e0a39ff40e8a1c31b6b6573e288954d96e0797c0d6ea9c0f1deaa9d5cf312a255b1c7f368eaeaccb1badec9e0c6e174f984cdf8338abd940c269784c66567d3e00b190f00d923d65cd29df45fd49e702c459f6f90a480f63504138aaa1f7dfe4a50973c9c030dc24b0cfc7d4be2e9eb85971acbb3a4fcd54123b637e7077c29a838490e8cf04175678cced43ce097e7f049cf5041ce3b83e1ebc904fdaf130d14fd6fdcb4b1095afd69ad6d2e99e26debe4bfaf1b97575d117b23e59770aa38e66278fa415335b4d873b730a65b76047d71c1c5f9c327fcb5154627439bbacf430a9d192d167f98616c7d8b2de18a32ec509a74fd95b69d57b7278d1be78e06e23852a87d1ee33107e4341b086ba9d6819e7c3008529c1fe0f3a72e4eb17e94b127840c5141f443a9d0631260ee1ea4f0d5e8ce2ccdb713952a8c334f3b45d5b6c1de10cb73a799a0f2d5080096f946b524d100747260ba57dd753aa39bcb47c365da14d40445ff1c2cb6761589770f2ebe77577fd2dd796d839722b8fb0553dc95a89168f63b69991b6274ad208a6ccb711f9a839ab20db5b9407314ecfcd8fac7afca17f8e94af4fc6d248719e1900d056ea3b4431a427db4ff792249e6ce3d9e6fd6bc313b9578ebca796260d8cb0fcc37f1982cd2d132f4c38b0978baf158e80a145f231a9cf2b8b9370763599ca42acaa57b05cc38f2ba772412ef4b1b5552e031a29958ab305321a06159fc0e74a24ff6084de70776ec6bd323c545c2eef83bb3373d30036c831e144689a35d7759000be3fd933d1e4fb8a3ff36b1f0b07626deaafb8d67ff274a89821802b4182e571dc6cef09585f88c09181e4b8850ef2412e815357b25bc5058c339e962273ce2e7827ec537ddc6ca1269272bccc1f5b2df426a9f8f344b4c78e89a70ffd7a98edc1b258a4790319f29d914f36b78e5801f74a6700ee052ae9f47b35c291d9a36406f98ef1f4f0887184305172be0a4410aa7c206664f79314b5c0c356b65586a227bb8067db82f22b280de8a810358dbc4e2d9a2395e01c9006ca160ab3b28384be39ba7fb88bbbcb6e61b706d9913067e56845fcaa19f28a5bdf55c36ff1401fbc8f9f669275438b8110c92e370ed9d91493e02c07b2d1d122e9ac9c333b0be35775f3ae518b2aa61af0159e66815732d216396f4a99cdae5858a689d414aeb24746199e51e26b56671111fe4ed6bd6d53baafff879ba149575c1f4cd27cd1f2c648435166fccea9f0941cd9a8aac49332877c16f0840d82b0188cb1ca2aac4dfadf97d35bac17f9bb32e6f26c0b6ba594fc2be2a3a653aa0bfd35ba88f49e5f591d460c7ec568d523b13fa208ff8af0b44b5970b4b057f9ca1ba1446ea58fcc0dd853c73e9e69cea47615f11010ee9d218b7229f981ba4d0d30b4b56f323f35f5e95e758f39e74ddec697a5b73eaf35044cce59cf8f6e044d0c7ab7d7308b7bbc271c7dd7ea1194befa4c39ad46febbd2c048e6f55f2cd9a19e9d7a1afa8df35be1b0f35b43fb9268be98b22ab3ec41e5991fc2c9ed2e9b2c4099dfd1033baee33ee9b88ae21c0edd4d0a5bdf0217c8dbecc0dc93840c716c06d1f94873c62df2223b176e4e58d375aba83e3c56380576a9587a1998de03129ad9f45f48bb72c31bcb4e0bec0e4d861b3787c93c8886fda3a607d5c054a02b4b6e2885518d3812740584423c66f52be0a5cac97b45bcd0ac75086843dae508b2476225d71e0318a0aec74d11617e8c4cd87d63b9d383e2b7c1570bf355f8584b76036ba8fea04f8a2ffb2d137447ee5c776c33b74436805cfa4c8aba23ebc90499298f6aa2a63e933ec34a4800e2349e8f38c22b4125e7dc9d71656b0ec7557241029f23f9166763381479f77a44e79a46bdbfa8b6cc10f60556e367e4026c8eb94c64ae48aa8b9008d85e85a89d0cd3577371117b1117393b83d27d7c77ee33106a5d2f21d4586b536341d71f9d8225250908124ceab1d25e32da302f8bbd1247eb7938399f8b6a47ba05344ee90328293085b68b9d990c8b05d7c99a66a63c951bac67eedfcd1731f7fa4116cbc13d49acff42ced0f2b2738d2fe375be514b2d88379b7e0c05240ddbf526edcb89259bf00cea6a409a84b79f5b5aa4119718fe92980007ce538a8b1cf313fd112b4f4de21ec75e839c7b7cd39180bd70351416f060c2069d43c6696901e38f479d08a692190a5b56f18803e3739241dafde5e2edee51f75f0e3ba3dc1fdf39b33d7b7351137db12aa1d98d3196243487759c5fa5effeeeacb57f7b8490dab5b2c8f424707b03e35ce759e9c867bc89e599879b3ea3fc8d374833a7037de4122b622a6ccdb15bdb04a4a15248b26ea0c13c2f9f3003961598cc72d5a986d5d2983a45d4629f658a1f289b2d119723df6b39acf80a33b1656ecc82c505f7e3d877b3a098741dc430cabc9df3d58c06b282c293368210c560b1033dd9d1db78c6eb5a098969de6fa0f4b55d9e1774d33a00565319eb48c86d3d6c55d2b38b69a82a2cce90b7df20970572099260ed57c4285c8967d3439c0f7107a1ffbf0ff885e960daeed07ba68ee749c8ded1bcdcd89809e46acc69270d63f7905f50f4d510ce17d65346a7b1d5ea06cf82afcf65c7920eb38eef0a022e00a4d1c4ba451a6c12e3fcf8835d34256f09afbbf63ec4b68eb7622da3db2dba11e0161d2410689ece7418b06d69f5227513d5b50c7e7cbb77ada32d0be1ba624267dcc5dc403cb3886b72dd5ee8ba52269ed1d9b9116ad83f16f3923910e80015bf21737b973fb0dc4e9120791baed28ca7f806a783645bb6aad41af5933f9889260ff135bc9ba444a7e79c4ea46db022835170b411faf4740da1e502a217ff2c6efd17a34bb3cc4d288f839fa1c4560649e76bba7d15d04e66b1ea4d2fbdf0641cb4018ca20413856596366716026cf2238b2f2fa275b6d7349e63166bf9b2840b4794c408aaa851bd95e477b6d37797f8bf3faabba8f6b7d71668eb56af80296491ec85c3cc86f2d14ca59db65895ba7c21a5563af29a9136faed595553c169357318cdd9ce0c53876e0446ae2674aba9f3f990c652339ca45706aebf614420a0b7a1c4dbb82fe8e310f44089a2d5141be50e5c0074b43924bb18cd4dc76717a60a667a83c72d91333b641d4cf434e76f98e9db3821255a53d9cfc465a8e61ab04f0b848b959fcde11791dc417e444d2a8858a3946d5ce0644727afd4ba068ca568fb0789e4833ec9d20484682c3717c79c0eaec71b1ef5ea2089c751072322890efd539e459d83feff25f8015088bcf200898d936486d6289c28573c76b360300d5cfa98696110e0bdf831861cfe67d1a95f09a732aafeb4d7812d301400e3edcb62bb1453c3138677de381bedb4f222f6f2d9dd87e4e38c491fe929b5d9ad6c7bd0b55ec0ec0b7c15cb68ffd43b0b220444d5aaa2561637f23a7d7dab9a7c4bf944fe75e7205b6307adae60854b5af03357713a934a3eac61f00e52a7b389e5e0af53767c9798261d4e75f1632660b75200a53f4a55e50350df3f3b0716250d7ccd0a43c6ef9973144739b9981df9e0754b7a01370d3d610e138386b3b0ac29e05498e057e5b8534196005a36e0956e8f220c6252239a225c1b256c7831e6494b07a5ee87e75d870a9995762383db2a9fb670c7fa0c385809e4c937a9e9aebcf346461937a93ecdb4eadcb4fca946c1a0b16ef59cdd6eb2c5c09a5985495d54f94caacd638fd37e487732e1962a4adb5975efd0e49229c560c4fdf60c41d1a62483a4dde11d4a89b2b035fb96b80d288b9b732b05a81099df3c3762a2584652c6d85d70430413bc1c69e140e543933b7ba3f0976c9f0761dbf2f44de0bebffcdcb91b4db1961b7b520fa656e8623fab8b36ea46110dce831366a3c9c2dc5be3d01fea734b9ddd4307977d65bfa2b018f70d935c876393f079b3069b0db8bea1923a2732312ff04e654e9d365bc7dc91384c551d94810a737c1ee3c7c14e86afc509b5d39ff366d586796819915fa18f33164fc703e24b3756df0f3e5c3e441a2614321657b7ed4ff9d626377bf7143715a6eaa376181d75e564bf96bb795ebfbca84b5388cba740c74a38c690ad00e9639803b5dc696a03f80fc83a14b8b359c8ad14356e688128fb58c65e8eb943d23fa2271964c735e6a209ecbcbf06e80a758633ec9c2688de8210b244511a39efa1d07f801b31b8eb4d39aa0541d9316e9e26b8546a70157f30140ed202e2d1a6ffb696a322a512549b3b396c3095cebb8c4085ab221c89e45e7c667804de0e6038a5ca8cd951d5df8d751528f03beea95df5737a8cd2d6ab9e18139bd658a8f2090374ca7c6fcc524e63a", 0xffb, 0x6}], 0x0, 0x0)
09:21:49 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x3, 0x0, &(0x7f00000018c0))
09:21:49 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x0, @in={0x2, 0x0, @loopback}, @rc={0x1f, @fixed}, @nl=@unspec})
09:21:49 executing program 3:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind(r0, &(0x7f0000000080)=@caif=@dbg, 0x80)
09:21:49 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x4028700f, 0x0)
09:21:49 executing program 4:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000080))
[ 80.669648] audit: type=1400 audit(1756459309.972:7): avc: denied { execmem } for pid=273 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
[ 81.877435] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 81.880108] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 81.885652] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 81.887183] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 81.889812] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 81.891112] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 81.892372] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 81.893854] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 81.895601] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 81.896682] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 81.897730] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 81.901904] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 81.903321] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 81.904838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 81.906596] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 81.908060] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 81.909516] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 81.916241] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 81.940792] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 81.942051] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 81.947937] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 81.948428] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 81.950917] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 81.970176] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 81.973904] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 81.990281] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 81.995314] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 82.000810] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 82.002864] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 82.003895] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 82.007123] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 82.008557] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 82.009538] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 82.013754] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 82.013832] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 82.014900] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 82.017472] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 82.018159] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 82.020295] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 82.037594] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 83.967654] Bluetooth: hci0: command tx timeout
[ 83.967667] Bluetooth: hci2: command tx timeout
[ 83.968307] Bluetooth: hci1: command tx timeout
[ 84.032452] Bluetooth: hci4: command tx timeout
[ 84.032479] Bluetooth: hci3: command tx timeout
[ 84.095119] Bluetooth: hci5: command tx timeout
[ 84.095233] Bluetooth: hci6: command tx timeout
[ 84.095875] Bluetooth: hci7: command tx timeout
[ 86.015038] Bluetooth: hci1: command tx timeout
[ 86.016048] Bluetooth: hci2: command tx timeout
[ 86.016115] Bluetooth: hci0: command tx timeout
[ 86.079208] Bluetooth: hci4: command tx timeout
[ 86.079640] Bluetooth: hci3: command tx timeout
[ 86.143100] Bluetooth: hci6: command tx timeout
[ 86.144890] Bluetooth: hci7: command tx timeout
[ 86.144937] Bluetooth: hci5: command tx timeout
[ 88.063109] Bluetooth: hci2: command tx timeout
[ 88.063779] Bluetooth: hci1: command tx timeout
[ 88.065018] Bluetooth: hci0: command tx timeout
[ 88.127073] Bluetooth: hci4: command tx timeout
[ 88.130013] Bluetooth: hci3: command tx timeout
[ 88.191175] Bluetooth: hci5: command tx timeout
[ 88.191231] Bluetooth: hci7: command tx timeout
[ 88.191813] Bluetooth: hci6: command tx timeout
[ 90.111148] Bluetooth: hci0: command tx timeout
[ 90.111623] Bluetooth: hci1: command tx timeout
[ 90.112469] Bluetooth: hci2: command tx timeout
[ 90.175112] Bluetooth: hci3: command tx timeout
[ 90.175718] Bluetooth: hci4: command tx timeout
[ 90.241111] Bluetooth: hci7: command tx timeout
[ 90.241139] Bluetooth: hci5: command tx timeout
[ 90.241576] Bluetooth: hci6: command tx timeout
[ 120.948590] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 120.949987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.116552] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.118041] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.291017] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.291665] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.464594] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.466098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.605328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.606325] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 121.649089] loop7: detected capacity change from 0 to 8
09:22:31 executing program 7:
syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x1, 0x2}]}}}}}, 0x0)
[ 121.764620] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 121.765270] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:22:31 executing program 7:
syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x1, 0x2}]}}}}}, 0x0)
09:22:31 executing program 3:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind(r0, &(0x7f0000000080)=@caif=@dbg, 0x80)
09:22:31 executing program 7:
syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x1, 0x2}]}}}}}, 0x0)
09:22:31 executing program 3:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind(r0, &(0x7f0000000080)=@caif=@dbg, 0x80)
[ 122.022868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.023951] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:22:31 executing program 3:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind(r0, &(0x7f0000000080)=@caif=@dbg, 0x80)
09:22:31 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x3, 0x0, &(0x7f00000018c0))
09:22:31 executing program 7:
syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @generic={0x0, 0x6, "d2fa9e", 0x8, 0x0, 0x0, @private1, @rand_addr=' \x01\x00', {[@routing={0x0, 0x0, 0x1, 0x1, 0x2}]}}}}}, 0x0)
[ 122.140270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.140891] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.190009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.190618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.238890] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.239507] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.282687] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.283302] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.314998] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.315598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.371308] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.371940] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.423547] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.424204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.487102] audit: type=1400 audit(1756459351.787:8): avc: denied { open } for pid=3895 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 122.490706] audit: type=1400 audit(1756459351.787:9): avc: denied { kernel } for pid=3895 comm="syz-executor.6" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=perf_event permissive=1
[ 122.493761] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.494376] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 122.540539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 122.541344] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
09:22:32 executing program 0:
syz_emit_ethernet(0x6e, &(0x7f00000002c0)={@link_local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "2f2802", 0x38, 0x0, 0x0, @local, @local, {[@srh={0x0, 0x6, 0x5, 0x3, 0x0, 0x0, 0x0, [@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1]}]}}}}}, 0x0)
09:22:32 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCADDRT(r0, 0x890b, &(0x7f0000000440)={0x0, @in={0x2, 0x0, @loopback}, @rc={0x1f, @fixed}, @nl=@unspec})
09:22:32 executing program 6:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0)
ioctl$RTC_SET_TIME(r0, 0x4028700f, 0x0)
09:22:32 executing program 3:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_opts(r0, 0x29, 0x39, 0x0, &(0x7f0000000080))
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x83a0)
09:22:32 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x3, 0x0, &(0x7f00000018c0))
09:22:32 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8970, &(0x7f0000000280)={'wpan1\x00'})
09:22:32 executing program 1:
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x79, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$sr(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r0 = syz_open_dev$rtc(&(0x7f0000000800), 0x0, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x3b)
socket$packet(0x11, 0x2, 0x300)
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, &(0x7f0000001540))
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x80081, 0x0)
ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000001500)={0x0, 0x0, 0xffff8000})
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
09:22:32 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x6f, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x4d, 0x0, @opaque="6cd68c63cdca2832c58487107ea4beb2cbcda9afa08750ea99e46fdcedd77740b07775c21741619389557b7dfa3dbd80e5858b173084418eef390fa4e16896b7b734eac29c"}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000080)=""/22, 0x16}, {&(0x7f0000000300)=""/78, 0x2f}], 0x2}}], 0x1, 0x0, 0x0)
[ 122.828155] kmemleak: Found object by alias at 0x607f1a639b44
[ 122.828177] CPU: 1 UID: 0 PID: 3912 Comm: syz-executor.5 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 122.828196] Tainted: [W]=WARN
[ 122.828200] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 122.828207] Call Trace:
[ 122.828211]
[ 122.828216] dump_stack_lvl+0xca/0x120
[ 122.828246] __lookup_object+0x94/0xb0
[ 122.828264] delete_object_full+0x27/0x70
[ 122.828280] free_percpu+0x30/0x1160
[ 122.828296] ? arch_uprobe_clear_state+0x16/0x140
[ 122.828317] futex_hash_free+0x38/0xc0
[ 122.828331] mmput+0x2d3/0x390
[ 122.828350] do_exit+0x79d/0x2970
[ 122.828364] ? signal_wake_up_state+0x85/0x120
[ 122.828380] ? zap_other_threads+0x2b9/0x3a0
[ 122.828396] ? __pfx_do_exit+0x10/0x10
[ 122.828408] ? do_group_exit+0x1c3/0x2a0
[ 122.828421] ? lock_release+0xc8/0x290
[ 122.828438] do_group_exit+0xd3/0x2a0
[ 122.828453] __x64_sys_exit_group+0x3e/0x50
[ 122.828466] x64_sys_call+0x18c5/0x18d0
[ 122.828482] do_syscall_64+0xbf/0x360
[ 122.828493] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 122.828505] RIP: 0033:0x7f5225eb5b19
[ 122.828514] Code: Unable to access opcode bytes at 0x7f5225eb5aef.
[ 122.828519] RSP: 002b:00007fffc6f2b238 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 122.828531] RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f5225eb5b19
[ 122.828538] RDX: 00007f5225e6872b RSI: ffffffffffffffbc RDI: 0000000000000000
[ 122.828546] RBP: 0000000000000000 R08: 0000001b2d0214c4 R09: 0000000000000000
[ 122.828553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 122.828559] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fffc6f2b320
[ 122.828575]
[ 122.828579] kmemleak: Object (percpu) 0x607f1a639b40 (size 8):
[ 122.828586] kmemleak: comm "syz-executor.3", pid 3914, jiffies 4294789436
[ 122.828593] kmemleak: min_count = 1
[ 122.828596] kmemleak: count = 0
[ 122.828600] kmemleak: flags = 0x21
[ 122.828604] kmemleak: checksum = 0
[ 122.828608] kmemleak: backtrace:
[ 122.828611] pcpu_alloc_noprof+0x87a/0x1170
[ 122.828626] perf_trace_event_init+0x366/0xa10
[ 122.828640] perf_trace_init+0x1a4/0x2f0
[ 122.828651] perf_tp_event_init+0xa6/0x120
[ 122.828667] perf_try_init_event+0x140/0x9f0
[ 122.828685] perf_event_alloc.part.0+0x118e/0x45f0
[ 122.828701] __do_sys_perf_event_open+0x719/0x2c20
[ 122.828714] do_syscall_64+0xbf/0x360
[ 122.828722] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 122.875639] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#1] SMP KASAN NOPTI
[ 122.876582] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 122.877204] CPU: 1 UID: 0 PID: 3924 Comm: syz-executor.4 Tainted: G W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 122.879394] Tainted: [W]=WARN
[ 122.880171] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 122.882206] RIP: 0010:perf_tp_event+0x175/0xe70
[ 122.884473] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 122.887825] RSP: 0018:ffff888045f37600 EFLAGS: 00010212
[ 122.888372] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90006a3a000
[ 122.889088] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 122.889811] RBP: ffff888045f37870 R08: ffff88806cf31340 R09: ffffe8ffffd16b40
[ 122.890544] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 122.891267] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 122.891998] FS: 00007f3e63543700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 122.892815] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 122.893409] CR2: 00007f7302217000 CR3: 00000000420d9000 CR4: 0000000000350ef0
[ 122.894130] Call Trace:
[ 122.894408]
[ 122.894646] ? __pfx_perf_tp_event+0x10/0x10
[ 122.895133] ? perf_trace_run_bpf_submit+0xef/0x180
[ 122.895640] perf_trace_run_bpf_submit+0xef/0x180
[ 122.896132] perf_trace_lock+0x337/0x5d0
[ 122.896559] ? __pfx_perf_trace_lock+0x10/0x10
[ 122.897025] ? lock_acquire+0x15e/0x2f0
[ 122.897436] ? futex_ref_get+0x48/0x300
[ 122.897840] ? futex_ref_get+0x114/0x300
[ 122.898267] ? futex_hash+0x15c/0x390
[ 122.898664] lock_release+0x1ab/0x290
[ 122.899058] ? futex_hash+0x15c/0x390
[ 122.899450] futex_ref_get+0x119/0x300
[ 122.899846] ? futex_hash+0x15c/0x390
[ 122.900235] futex_hash+0x70/0x390
[ 122.900598] futex_wait_setup+0xae/0x550
[ 122.901022] __futex_wait+0x151/0x300
[ 122.901424] ? __pfx___futex_wait+0x10/0x10
[ 122.901872] ? __pfx_futex_wake_mark+0x10/0x10
[ 122.902368] futex_wait+0xde/0x380
[ 122.902745] ? __pfx_futex_wait+0x10/0x10
[ 122.903170] ? perf_trace_lock+0xb5/0x5d0
[ 122.903592] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 122.904129] do_futex+0x2ee/0x370
[ 122.904494] ? __pfx_do_futex+0x10/0x10
[ 122.904898] ? do_raw_spin_lock+0x123/0x260
[ 122.905340] __x64_sys_futex+0x1c9/0x4d0
[ 122.905753] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 122.906288] ? __pfx___x64_sys_futex+0x10/0x10
[ 122.906755] ? kcov_ioctl+0x386/0x6c0
[ 122.907143] ? fput+0x6a/0x100
[ 122.907485] do_syscall_64+0xbf/0x360
[ 122.907876] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 122.908400] RIP: 0033:0x7f3e65fcdb19
[ 122.908788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 122.910615] RSP: 002b:00007f3e63543218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 122.911382] RAX: ffffffffffffffda RBX: 00007f3e660e0f68 RCX: 00007f3e65fcdb19
[ 122.912115] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3e660e0f68
[ 122.912832] RBP: 00007f3e660e0f60 R08: 00007f3e63543700 R09: 0000000000000000
[ 122.913551] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3e660e0f6c
[ 122.914279] R13: 00007ffdf5ef22af R14: 00007f3e63543300 R15: 0000000000022000
[ 122.915011]
[ 122.915252] Modules linked in:
[ 122.915616] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000032: 0000 [#2] SMP KASAN NOPTI
[ 122.916727] KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]
[ 122.917476] CPU: 1 UID: 0 PID: 3924 Comm: syz-executor.4 Tainted: G D W 6.17.0-rc3-next-20250829 #1 PREEMPT(voluntary)
[ 122.918692] Tainted: [D]=DIE, [W]=WARN
[ 122.919087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 122.919909] RIP: 0010:perf_tp_event+0x175/0xe70
[ 122.920385] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 122.922219] RSP: 0018:ffff88806cf08a80 EFLAGS: 00010012
[ 122.922752] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: 0000000000000002
[ 122.923464] RDX: ffff888016541b80 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 122.924173] RBP: ffff88806cf08cf0 R08: ffff88806cf31490 R09: ffffe8ffffd16b40
[ 122.924888] R10: 0000000000000000 R11: ffff88806cf37018 R12: dffffc0000000000
[ 122.925607] R13: 0000000000000024 R14: ffff88806cf31490 R15: dffffc0000000000
[ 122.926330] FS: 00007f3e63543700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 122.927134] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 122.927726] CR2: 00007f7302217000 CR3: 00000000420d9000 CR4: 0000000000350ef0
[ 122.928450] Call Trace:
[ 122.928684]
[ 122.928885] ? __pfx_perf_tp_event+0x10/0x10
[ 122.929288] ? stack_depot_save_flags+0x2c/0xa20
[ 122.929753] ? stack_depot_save_flags+0x2c/0xa20
[ 122.930245] ? kasan_save_stack+0x34/0x50
[ 122.930670] ? kasan_save_stack+0x24/0x50
[ 122.931094] ? kasan_save_track+0x14/0x30
[ 122.931523] ? __kasan_save_free_info+0x3a/0x60
[ 122.931989] ? __kasan_slab_free+0x3f/0x50
[ 122.932427] ? kmem_cache_free+0x2a1/0x540
[ 122.932816] ? rcu_core+0x7c8/0x1800
[ 122.933153] ? handle_softirqs+0x1b1/0x770
[ 122.933556] ? __irq_exit_rcu+0xc4/0x100
[ 122.933976] ? irq_exit_rcu+0x9/0x20
[ 122.934368] ? sysvec_apic_timer_interrupt+0x70/0x80
[ 122.934892] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 122.935435] ? __sanitizer_cov_trace_pc+0x8/0x80
[ 122.935920] ? unmap_page_range+0x1adc/0x36d0
[ 122.936387] ? unmap_single_vma.constprop.0+0x153/0x230
[ 122.936879] ? unmap_vmas+0x1d6/0x430
[ 122.937224] ? exit_mmap+0x181/0xaa0
[ 122.937582] ? mmput+0xd5/0x390
[ 122.937929] ? do_exit+0x79d/0x2970
[ 122.938313] ? do_group_exit+0xd3/0x2a0
[ 122.938717] ? __x64_sys_exit_group+0x3e/0x50
[ 122.939183] ? kvm_sched_clock_read+0x16/0x30
[ 122.939644] ? sched_clock+0x37/0x60
[ 122.940034] ? sched_clock_cpu+0x6c/0x4e0
[ 122.940467] ? perf_trace_run_bpf_submit+0xef/0x180
[ 122.940920] perf_trace_run_bpf_submit+0xef/0x180
[ 122.941350] perf_trace_lock+0x337/0x5d0
[ 122.941750] ? place_entity+0x300/0x410
[ 122.942164] ? kvm_sched_clock_read+0x16/0x30
[ 122.942643] ? __pfx_perf_trace_lock+0x10/0x10
[ 122.943113] ? check_preempt_wakeup_fair+0x6e/0x950
[ 122.943624] ? sched_ttwu_pending+0x2e0/0x4a0
[ 122.944093] lock_release+0x1ab/0x290
[ 122.944487] ? ttwu_do_activate+0x1a4/0x8a0
[ 122.944878] _raw_spin_unlock+0x16/0x40
[ 122.945239] sched_ttwu_pending+0x2e0/0x4a0
[ 122.945657] ? __pfx_try_to_wake_up+0x10/0x10
[ 122.946123] ? __pfx_sched_ttwu_pending+0x10/0x10
[ 122.946628] ? mark_held_locks+0x49/0x80
[ 122.947054] __flush_smp_call_function_queue+0x434/0x740
[ 122.947609] __sysvec_call_function_single+0x6d/0x370
[ 122.948148] sysvec_call_function_single+0xa1/0xc0
[ 122.948655]
[ 122.948886]
[ 122.949123] asm_sysvec_call_function_single+0x1a/0x20
[ 122.949664] RIP: 0010:oops_exit+0x0/0x50
[ 122.950081] Code: f1 39 00 be ff ff ff ff 48 c7 c7 50 ac 43 86 e8 c6 0f f9 ff 5b e9 20 f1 39 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <66> 0f 1f 00 53 e8 06 f1 39 00 8b 1d c0 ed 4e 06 31 ff 89 de e8 27
[ 122.951923] RSP: 0018:ffff888045f37490 EFLAGS: 00000202
[ 122.952461] RAX: 0000000000026346 RBX: 0000000000000216 RCX: ffffc90006a3a000
[ 122.953175] RDX: 0000000000040000 RSI: ffffffff812a3dca RDI: 0000000000000007
[ 122.953888] RBP: 000000000000000b R08: 0000000000000001 R09: fffffbfff0f11c90
[ 122.954628] R10: 0000000000000000 R11: 0000000000000001 R12: ffff888045f37558
[ 122.955342] R13: 0000000000000000 R14: dffffc0000000032 R15: 0000000000000000
[ 122.956065] ? oops_end+0x4a/0xe0
[ 122.956436] oops_end+0x65/0xe0
[ 122.956792] exc_general_protection+0x1a2/0x330
[ 122.957271] asm_exc_general_protection+0x26/0x30
[ 122.957760] RIP: 0010:perf_tp_event+0x175/0xe70
[ 122.958248] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 122.960076] RSP: 0018:ffff888045f37600 EFLAGS: 00010212
[ 122.960616] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90006a3a000
[ 122.961335] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 122.962055] RBP: ffff888045f37870 R08: ffff88806cf31340 R09: ffffe8ffffd16b40
[ 122.962787] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 122.963505] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 122.964231] ? perf_tp_event+0x167/0xe70
[ 122.964666] ? __pfx_perf_tp_event+0x10/0x10
[ 122.965161] ? perf_trace_run_bpf_submit+0xef/0x180
[ 122.965670] perf_trace_run_bpf_submit+0xef/0x180
[ 122.966171] perf_trace_lock+0x337/0x5d0
[ 122.966604] ? __pfx_perf_trace_lock+0x10/0x10
[ 122.967071] ? lock_acquire+0x15e/0x2f0
[ 122.967479] ? futex_ref_get+0x48/0x300
[ 122.967883] ? futex_ref_get+0x114/0x300
[ 122.968301] ? futex_hash+0x15c/0x390
[ 122.968694] lock_release+0x1ab/0x290
[ 122.969089] ? futex_hash+0x15c/0x390
[ 122.969475] futex_ref_get+0x119/0x300
[ 122.969872] ? futex_hash+0x15c/0x390
[ 122.970274] futex_hash+0x70/0x390
[ 122.970643] futex_wait_setup+0xae/0x550
[ 122.971066] __futex_wait+0x151/0x300
[ 122.971463] ? __pfx___futex_wait+0x10/0x10
[ 122.971903] ? __pfx_futex_wake_mark+0x10/0x10
[ 122.972383] futex_wait+0xde/0x380
[ 122.972760] ? __pfx_futex_wait+0x10/0x10
[ 122.973189] ? perf_trace_lock+0xb5/0x5d0
[ 122.973619] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 122.974153] do_futex+0x2ee/0x370
[ 122.974526] ? __pfx_do_futex+0x10/0x10
[ 122.974930] ? do_raw_spin_lock+0x123/0x260
[ 122.975371] __x64_sys_futex+0x1c9/0x4d0
[ 122.975791] ? trace_irq_enable.constprop.0+0xc2/0x100
[ 122.976321] ? __pfx___x64_sys_futex+0x10/0x10
[ 122.976789] ? kcov_ioctl+0x386/0x6c0
[ 122.977180] ? fput+0x6a/0x100
[ 122.977514] do_syscall_64+0xbf/0x360
[ 122.977867] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 122.978340] RIP: 0033:0x7f3e65fcdb19
[ 122.978696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 122.980486] RSP: 002b:00007f3e63543218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 122.981236] RAX: ffffffffffffffda RBX: 00007f3e660e0f68 RCX: 00007f3e65fcdb19
[ 122.981906] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3e660e0f68
[ 122.982544] RBP: 00007f3e660e0f60 R08: 00007f3e63543700 R09: 0000000000000000
[ 122.983252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3e660e0f6c
[ 122.983955] R13: 00007ffdf5ef22af R14: 00007f3e63543300 R15: 0000000000022000
[ 122.984667]
[ 122.984906] Modules linked in:
[ 122.985236] ---[ end trace 0000000000000000 ]---
[ 122.985707] RIP: 0010:perf_tp_event+0x175/0xe70
[ 122.986189] Code: ff df 48 89 85 a8 fd ff ff 48 c1 e8 03 4c 01 e0 48 89 85 c8 fd ff ff e8 c9 51 ea ff 48 8d bb f0 01 00 00 48 89 f8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 74 08 3c 03 0f 8e c5 0b 00 00 44 8b ab f0 01
[ 122.987984] RSP: 0018:ffff888045f37600 EFLAGS: 00010212
[ 122.988513] RAX: 0000000000000032 RBX: ffffffffffffffa1 RCX: ffffc90006a3a000
[ 122.989217] RDX: 0000000000040000 RSI: ffffffff818995b7 RDI: 0000000000000191
[ 122.989917] RBP: ffff888045f37870 R08: ffff88806cf31340 R09: ffffe8ffffd16b40
[ 122.990632] R10: 0000000000000000 R11: 0000000000000001 R12: dffffc0000000000
[ 122.991337] R13: 000000000000002c R14: ffff88806cf31340 R15: dffffc0000000000
[ 122.992045] FS: 00007f3e63543700(0000) GS:ffff8880e56dd000(0000) knlGS:0000000000000000
[ 122.992819] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 122.993333] CR2: 00007f7302217000 CR3: 00000000420d9000 CR4: 0000000000350ef0
[ 122.994025] Kernel panic - not syncing: Fatal exception in interrupt
[ 122.994938] Kernel Offset: disabled
[ 122.995308] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---
VM DIAGNOSIS:
09:22:32 Registers:
info registers vcpu 0
RAX=000000000000ba59 RBX=ffff88806cf3c300 RCX=ffffc9000120e000 RDX=0000000000040000
RSI=ffffffff816880d6 RDI=0000000000000005 RBP=0000000000000003 RSP=ffff888045eef5a8
R8 =0000000000000000 R9 =0000000000000000 R10=0000000000000001 R11=1ffff1100d9c6bb1
R12=ffffed100d9e7861 R13=ffff88806cf3c308 R14=0000000000000001 R15=dffffc0000000000
RIP=ffffffff816880d8 RFL=00000212 [----A--] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007efd014c8700 00000000 00000000
GS =0000 ffff8880e55dd000 00000000 00000000
LDT=0000 fffffe5100000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007efd04066018 CR3=0000000044c6e000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007efd040397c000007efd040397c8
XMM02=00007efd040397e000007efd040397c0 XMM03=00007efd040397c800007efd040397c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000064 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff828e32c5 RDI=ffffffff88724180 RBP=ffffffff88724140 RSP=ffff888045f36ef0
R8 =0000000000000000 R9 =ffffed1001349046 R10=0000000000000064 R11=0000000065646f43
R12=0000000000000064 R13=0000000000000010 R14=ffffffff88724140 R15=ffffffff828e32b0
RIP=ffffffff828e331d RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3e63543700 00000000 00000000
GS =0000 ffff8880e56dd000 00000000 00000000
LDT=0000 fffffe4400000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f7302217000 CR3=00000000420d9000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f3e660b47c000007f3e660b47c8
XMM02=00007f3e660b47e000007f3e660b47c0 XMM03=00007f3e660b47c800007f3e660b47c0
XMM04=ffffffff0000ff00000000ff00000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000